- Microsoft Warns North Korean Group Sapphire Sleet (APT38) Is Targeting Western Companies With Fake Job Scams
- Malicious Zoom Lookalike Deploys Infostealers to Steal Cryptocurrency
- The campaign focuses on macOS users; Apple pushed automatic protections to block attacks
North Korean state-sponsored threat actors called Sapphire Sleet are targeting Western companies with infostealer malware in a bid to steal their cryptocurrencies, experts have warned.
Microsoft security analysts said the group, also known as APT38, and most likely a spinoff of the infamous Lazarus Group, has been active since at least 2020 and has used one of the most effective techniques in its arsenal: fake jobs.
Sapphire Sleet would create a whole host of fake entities on social media: companies, recruiters, job offers and whatever else is necessary to make the scam look like a legitimate hiring attempt. Victims would then be approached, either by email or through various social media channels, and offered the job (with tempting pay offers).
Attacking humans
During the process, however, the “recruiters” would ask the victim to join a Zoom video call, but the software used is not the real Zoom. Rather, it is a fake, malicious version designed to land an infostealer on the device.
Speaking about the report, Sherrod DeGrippo, general manager of global threat intelligence at Microsoft, told The Register why scammers focus on attacking the human rather than the system: “Social engineering allows attackers to bypass hardened perimeters by convincing users to act on their behalf, thereby turning a human into a vulnerability. It’s inexpensive, hard to fix, and scalable,” DeGrippo explained.
“Users are conditioned to accept remote support interactions like downloading tools, following instructions, clicking on prompts,” she added. “Attackers exploit this familiarity to make malicious actions appear routine, thereby reducing victims’ skepticism at the critical moment of compromise.”
The campaign reportedly targets macOS users. Microsoft contacted Apple, which added “platform-level protections” to help detect and block the malware and the infrastructure it uses. The updates were pushed automatically, meaning users don’t need to install them manually.




